(2) Memory Protection

This function permits access to the data memory only when a
predefined condition is met. The data memory is divided into
multiple areas, and a different access condition, such as those
listed in Table 10.2, is assigned to each area. For example, a
read/write access to an area assigned condition 1 in the table is
permitted only when the corresponding issuer key has been verified
through the process described in section (1) above. This means that
the area is accessible only by the issuer. A read/write access to an
area assigned condition 2 is permitted only when the corresponding
user PIN has been verified through the process described in section
(1), meaning that the area is accessible only by the user. Example
data to be stored in each area is also listed in the table. Note that
the description in the table is not generic, as the access condition
specification largely depends on the specific application†.

† Access conditions are specified using an IC card issuing system.
The access condition best suited to the intended use can be selected
by the IC card issuing system.

(3) Security Function Using Encryption

This provides data encryption and authentication by using
an encryption algorithm that is incorporated in the IC card.

10. Information Security in the Social Life

Table 10.2 Example of access condition table

Column headings: Condition; Issuer key has been verified (Read,
Write); User PIN has been verified (Read, Write); PIN is not yet
verified (Read, Write); Example data

Condition      Example data
Condition 1    Encryption key
Condition 2    Transaction data
Condition 3    Account number, maximum credit amount
Condition 4    User name
10.1 IC Card and Security

Table 10.3 Advantages of IC card comprising display and
keyboard (4) (7)

New functions
   User identification can be carried out independently on the card
   Data access can be carried out independently on the card
   Added functions including a clock, calculator, and memo pad

Benefit for the card user
   The time required for credit inquiry etc. is reduced
   Data (for example, credit balance and transaction detail) contained
   in the card can be accessed without using a terminal device
   Increased added values

Benefit for the card issuer
   Communication costs are saved
Table 10.4 Subject areas concerning IC card standardization
discussed by ISO (8)

Columns: Elements to be standardized; Key agendas; Status

1 IC card definition and physical properties
   Key agendas: Definition of the IC card with an external terminal;
   standards for an environmental resistance test, etc.

2 Dimension and position of external terminals
   Key agendas: Position, dimension, and signal assignment etc., of
   the external terminals

3 Electrical signal and exchange protocol
   Key agendas: Built-in IC electrical properties (NMOS/CMOS-based);
   method for providing control signals; communication protocol for
   exchanging information (character transmission/block transmission
   system)

4 Common set of commands for the IC card
   Key agendas: Basic functions common to different applications
   (related with items 5 and 6)

5 Message format
   Key agendas: Message configuration between the IC card and
   equipment (transaction settlement messages in the financial sector)

6 Logical configuration of on-card memories
   Key agendas: Memory access method (physical address/logical
   address); access right control system, etc.

7 Card life cycle
   Key agendas: Security management involved with different stages in
   the IC card life cycle including manufacture, issuance, use, and
   decommissioning.

8 Transaction process
   Key agendas: Transaction procedure using IC cards; prevention of
   illegal transactions (for example, user identification and various
   types of authentication)

9 Key management
   Key agendas: Management of the control information (for example
   encryption key and PIN) required for implementing items 7 and 8

Status entries: Established 1) 3); Established 2) 3)

Notes:

1 to 4: Standardization of the IC card itself (responsible committee:
ISO/IEC JTC1/SC17/WG4)

5 to 9: Standardization of application systems for the financial
sector (responsible committee: ISO TC68/SC6/WG5, 7)

DIS: Draft International Standards
10.1.4 IC Card Security Technologies in the Future

Keeping in mind a possible advance of the IC card in the
future, security functions that are optimized for the IC card have
been actively proposed recently. Some of them are outlined below.

In one approach, the IC card is assumed to be a physically secure
device, or TFM (Tamper Free Module), and based on this assumption,
efforts are made to implement in a simple manner functions that
would otherwise require a complicated mechanism in most cases.
For example, a digital signature, which is generally considered
difficult to implement without the aid of public-key cryptography,
can easily be implemented with common-key cryptography if the IC
card itself is assumed to be physically secure. An example
implementation (9) is as follows. First, the following assumptions
are made.

1) The same encryption key K is used for all IC cards. A different
ID number is used for each IC card.

2) The IC card issuer writes the encryption key and ID number
into each IC card.

3) Access protection is provided for the encryption key using
condition 1 listed in Table 10.2, and for the ID number using
condition 3.

4) The issuer is trustworthy.

As shown in Fig. 10.4, when user A sends a message M with
his signature to user B, user A enters his PIN on IC card A
and then instructs card A to place the signature on the message
M. As the PIN has already been verified, card A accepts the
instruction and initiates the signature process. Card A appends its
own ID number ID_A to the tail of M, encrypts the result with
E_K, and returns the encryption output C to user A. User A
sends C to user B. User B instructs IC card B to decrypt C.
Card B decrypts C with D_K and returns the result to user B.
User B checks for user A's ID number ID_A attached to the tail
of M. Needless to say, this ID number represents user A's
signature.

The security of this system is discussed below.
First, user A's signature cannot be forged on any card other than
IC card A. Any attempt to forge the "signature" on another IC card
is immediately detected from the ID number of that particular card,
which is appended automatically when the signature is placed using
that card. No one but the trustworthy issuer can rewrite the ID
number, as it resides in an area to which condition 3 is assigned.
Furthermore, forgery of the signature using the decryption
instruction is not possible, for the following reasons. The
signature of user A must be in the format E_K(M, ID_A). If it
were possible to find M' that satisfies

    D_K(M') = E_K(M, ID_A)

or

    M' = E_K(E_K(M, ID_A)),

a forged signature could be obtained by decrypting M'; however, it
is difficult to solve the equations shown above. Furthermore, only
user A can use IC card A because the card performs PIN
verification. In other words, signature text C can be produced
only when user A uses his own IC card. It is the digital signature
technology that enables this functionality.

Public-key cryptography can also be constructed from common-key
cryptography if one assumes that the IC card is a TFM (10). Fig.
10.5 depicts this configuration. In Fig. 10.5, (E, D) and (E',
D') each represent an encryption/decryption pair of a common-key
cipher. The procedure during card issuance is described first. A
trustworthy issuer writes a secret key K_I that is common to the
entire system and a secret key K_SB specific to IC card B into the
memory of IC card B, where access protection is implemented. The
issuer then encrypts the secret key K_SB with E'_{K_I} and
discloses the result as the public key K_PB for user B. The same
procedure applies to other IC cards. The process involved in the
use of the cards is described next, supposing that user A conducts
a secret communication with user B. User A enters a message
M and the public key K_PB of user B into user A's IC card and
issues an encryption instruction. The IC card decrypts K_PB with
D'_{K_I}, internally obtains user B's secret key K_SB, uses it as
the key to encrypt M with E_{K_SB}, and returns the output C to
user A. User A in turn sends C to user B. User B enters his
PIN into his IC card and then gives an instruction to decrypt C.
The IC card uses the secret key K_SB stored therein to decrypt C
with D_{K_SB} and returns the message M to user B.
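
The two card protocols described above (the signature of Fig. 10.4 and the public-key construction of Fig. 10.5), as an added Python example that is not part of the original text. The ICCard class, issue(), the 4-byte ID length and the SHAKE-256 Feistel permutation used as a stand-in for both (E, D) and (E', D') are assumptions made for illustration.

```python
import hashlib, hmac

ID_LEN = 4  # assumption: fixed-length ID so the tail of M can be split off

def _f(key, rnd, data, n):
    # Keyed round function: n bytes of SHAKE-256 output
    return hashlib.shake_256(key + bytes([rnd]) + data).digest(n)

def _feistel(key, msg, rounds):
    # Whole-message Feistel permutation (stand-in for the page's common-key
    # cipher, not a vetted design): every output byte depends on M and the ID.
    half = len(msg) // 2
    left, right = msg[:half], msg[half:]
    for r in rounds:
        if r % 2 == 0:
            left = bytes(a ^ b for a, b in zip(left, _f(key, r, right, half)))
        else:
            right = bytes(a ^ b for a, b in zip(right, _f(key, r, left, len(right))))
    return left + right

def E(key, m): return _feistel(key, m, range(4))
def D(key, c): return _feistel(key, c, reversed(range(4)))

class ICCard:
    """Hypothetical tamper-resistant card; keys never leave the object."""
    def __init__(self, K, KI, KS, card_id, pin):
        self._K, self._KI, self._KS = K, KI, KS   # condition 1: issuer only
        self._id, self._pin, self._ok = card_id, pin, False  # ID: condition 3
    def verify_pin(self, pin):
        self._ok = hmac.compare_digest(pin, self._pin)
        return self._ok
    def _need_pin(self):
        if not self._ok:
            raise PermissionError("PIN not verified")
    def sign(self, M):                # Fig. 10.4: C = E_K(M, ID)
        self._need_pin()
        return E(self._K, M + self._id)
    def open_signed(self, C):         # Fig. 10.4: D_K(C) -> (M, signer's ID)
        plain = D(self._K, C)
        return plain[:-ID_LEN], plain[-ID_LEN:]
    def encrypt_for(self, M, KP):     # Fig. 10.5: K_SB = D'_KI(K_PB), C = E_KSB(M)
        return E(D(self._KI, KP), M)
    def decrypt(self, C):             # Fig. 10.5: M = D_KSB(C), PIN required
        self._need_pin()
        return D(self._KS, C)

def issue(K, KI, KS, card_id, pin):
    # Issuer personalizes a card and publishes K_P = E'_KI(K_S)
    return ICCard(K, KI, KS, card_id, pin), E(KI, KS)
```

Issue two cards with the same K and K_I, verify the PIN on card A and call sign(); open_signed() on card B then returns the message together with ID_A, while signing the same message on card B yields ID_B instead.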

Fig. 10.4 Digital signature based on physical security
[Figure labels: User A, "Signature", control input, IC card A,
control input, "Decryption", User B]

Fig. 10.5 Public key cryptography based on physical security
[Figure labels: Public key file, Issuer I, User A, "Encryption",
control input, IC card A, control input, IC card B, "Decryption",
User B]